feat: add security audit

2025-06-26 18:27:59 +00:00 · 2024-12-15 21:13:37 -06:00
parent c0acdc5df1
commit 58c2ceb355
5 changed files with 182 additions and 52 deletions
--- a/apps/dokploy/server/api/routers/server.ts
+++ b/apps/dokploy/server/api/routers/server.ts
@@ -26,6 +26,7 @@ import {
 	getPublicIpWithFallback,
 	haveActiveServices,
 	removeDeploymentsByServerId,
+	serverAudit,
 	serverSecurity,
 	serverSetup,
 	serverValidate,
@@ -179,11 +180,36 @@ export const serverRouter = createTRPCRouter({
 						message: "You are not authorized to validate this server",
 					});
 				}
-				const response = await serverSecurity(input.serverId);
-				return {} as unknown as {
-					docker: {
+				const response = await serverAudit(input.serverId);
+				console.log(response);
+				return response as unknown as {
+					ufw: {
+						installed: boolean;
+						active: boolean;
+						defaultIncoming: string;
+					};
+					ssh: {
 						enabled: boolean;
-						version: string;
+						keyAuth: boolean;
+						permitRootLogin: string;
+						passwordAuth: string;
+						usePam: string;
+					};
+					nonRootUser: {
+						hasValidSudoUser: boolean;
+					};
+					unattendedUpgrades: {
+						installed: boolean;
+						active: boolean;
+						updateEnabled: number;
+						upgradeEnabled: number;
+					};
+					fail2ban: {
+						installed: boolean;
+						enabled: boolean;
+						active: boolean;
+						sshEnabled: string;
+						sshMode: string;
 					};
 				};
 			} catch (error) {